Preview only show first 10 pages with watermark. For full document please download

Iscsi Application With Eonpath

   EMBED


Share

Transcript

Application Note Application Note: iSCSI Configuration from the Bottom Up Purpose This document guides users through all configuration processes of an iSCSI storage system (S16E or S12E series using firmware revision 3.73). Some features, e.g., Grouping (Multiple Connections per Session) and SLP (Service Location Protocol), require the mutual support from counterpart devices in an iSCSI network. iSCSI Configuration from the Bottom Up Table of Contents Table of Contents....................................................................................................................................................... 1 1. Developing a Topology........................................................................................................................................ 2 iSCSI DAS Single controller model (G models) ......................................................................................................... 2 iSCSI IP SAN – 1....................................................................................................................................................... 3 iSCSI IP SAN – 2....................................................................................................................................................... 4 iSCSI IP SAN – 3....................................................................................................................................................... 5 iSCSI IP SAN – 4....................................................................................................................................................... 6 2. Trunking (Link Aggregation)............................................................................................................................ 8 3. Network Interface Settings .............................................................................................................................14 IP Addresses to the iSCSI Host Ports .......................................................................................................................14 Internet Protocol Version 6 (IPv6) Address ...............................................................................................................15 4. Grouping (MC/S, Multiple Connections per Session) ......................................................................................18 5. Create Host Channel IDs....................................................................................................................................22 6. Host LUN Mapping..............................................................................................................................................22 7. CHAP Login Authentication ...............................................................................................................................25 8. Initiator Configuration (Using Microsoft Software Initiator)............................................................................30 “channel number” - “host ID” - “LD ownership” .........................................................................................................31 9. EonPath Driver Installation ................................................................................................................................37 10. iSNS Configuration (optional)..........................................................................................................................39 iSNS Configuration Sample ......................................................................................................................................40 11. SLP Configuration (optional) ...........................................................................................................................43 12. Jumbo Frame ....................................................................................................................................................48 © 2008 Infortrend Technology Inc. All Rights Reserved. 1 iSCSI Configuration from the Bottom Up 1. Developing a Topology The samples below start from simple, single-controller DAS to complex, load-sharing, redundant-controller configurations. Multiple logical drives will be created to be managed by partner RAID controllers depending on the number of RAID and JBOD enclosures. iSCSI DAS Single controller model (G models) # Host # HBA # Channel # Cable # Controller # LD # Map Hub status 1 2 with 2 ports 4 4 1 2 4 None HBA 0 HBA 1 Ctlr_A LD 0 Maps: LD 0: CH 0 – AID* CH2 – AID* LD 1 Maps: LD 1: CH 1 – AID* CH3 – AID* Type Failed Available Path MPIO HBA failure HBA 0 LD 0: HBA 1 – CH 2 – AID – LD 0 9 LD 1: HBA 1 – CH 3 – AID – LD 1 Cable failure HBA 0 - LD 0: HBA 1 – CH 2 – AID – LD 0 CH0 - LD 1: HBA 0 – CH 1 – AID – LD 1 Ctlr_A LD 1: HBA 1 – CH 3 – AID – LD 1 Controller failure Ctlr_A X Controller absent Ctlr_A © 2008 Infortrend Technology Inc. All Rights Reserved. 9 2 iSCSI Configuration from the Bottom Up iSCSI IP SAN – 1 Single controller model (G models) # Host # HBA # Channel # Cable # Controller # LD # Map Hub status 2 4 with 1 port 4 8 1 2 4 None Host 0 Host 1 HBA 0, 1 HBA 2, 3 (VLAN) 0 (VLAN) 1 Ch 0 - 3 Ctlr_A Maps: LD 0: Ch 0 – AID* Ch 1 – AID* LD 0 LD 1 Maps: LD 1: Ch 2 – AID* Ch 3 – AID* Type Failed Available Path MPIO HBA failure HBA 0 Host 0 -> LD 0: HBA 1 – VLAN0 – CH0 – AID – LD 0 9 Host 0 -> LD 0: HBA 1 – VLAN0 – CH1 – AID – LD 0 Same with host HBA 0 failed 9 VLAN0 - Host 0 -> LD 0: HBA 0 – VLAN0 – CH1 – AID – LD 0 9 Ctlr_A Host 0 -> LD 0: HBA 1 – VLAN0 – CH1 – AID – LD 0 Switch failure Zone 0 X (Host 0 -> LD 0) Controller failure Ctlr_A X Controller absent Ctlr_A One Cable failure HBA 0 – VLAN0 © 2008 Infortrend Technology Inc. All Rights Reserved. 3 iSCSI Configuration from the Bottom Up iSCSI IP SAN – 2 Single controller model (G) for clustering environment # Host # HBA # Channel # Cable # Controller # LD # Map Hub status 2 4 with 1 port 4 8 1 2 4 None Host 0 Host 1 HBA 0, 1 HBA 2, 3 (VLAN) 1 (VLAN) 0 CH0 - 3 Ctlr_A Maps: LD 0: CH0 – AID* CH1 – AID* LD 0 LD 1 Maps: LD 1: CH2 – AID* CH3 – AID* Type Failed Available Path MPIO HBA failure HBA 0 X (Failed over handled by clustering OS) 9 Cable failure HBA 0 – Same as host HBA 0 failed 9 VLAN0 - Host 0 -> LD 0: HBA 1 – VLAN1 – CH1 – AID – LD 0 9 Ctlr_A Host 1 -> LD 0: HBA 3 – VLAN1 – CH1 – AID – LD 0 Switch failure VLAN0 Same as cable in VLAN0 – Ctrl_A failed Controller failure Ctlr_A X Controller absent Ctlr_A VLAN0 © 2008 Infortrend Technology Inc. All Rights Reserved. 9 4 iSCSI Configuration from the Bottom Up iSCSI IP SAN – 3 Redundant controller models, for one host, two hosts or clustering environment # Host # HBA # Channel # Cable # Controller # LD # Map Hub status 2 (1) 4 with 1 port 2 12 (10) 2 2 4 None Host 0 Host 1 HBA 2, 3 HBA 0, 1 (VLAN) 0 (VLAN) 1 Grouping with Multiple Connections: CH0 = CH0 + CH1 + CH2 + CH3 CH0 Ctlr_A CH0 Maps: LD 0: CH0 – AID* CH0 – BID LD 0 Ctlr_B LD 1 Maps: LD 1: CH0 – BID* CH0 – AID Users can also configure Host1 as a non-clustered server. Type Failed Available Path MPIO HBA failure HBA 0 Host 0 -> LD 0: HBA 1 – VLAN1 – CH0 – BID – LD 0 (re-route) 9 Host 0 -> LD 1: HBA 1 – VLAN1 – CH0 – BID – LD 1 Same with host HBA 0 failed 9 VLAN0 - One cable failed: no effect, both cables failed: 9 CH0 - Host 0 -> LD 0: HBA 1 – VLAN1 – CH0 – BID – LD 0 (re-route) Ctlr_A Host 0 -> LD 1: HBA 1 – VLAN1 – CH0 – BID – LD 1 Switch failure VLAN0 Same with host HBA 0 failed 9 Controller failure Ctlr_A Host 0 -> LD 0: HBA 1 – VLAN1 – CH0 – AID – LD 0 9 Cable failure HBA 0 – VLAN0 Host 0 -> LD 1: HBA 1 – VLAN1 – CH0 – BID – LD 1 Controller absent Ctlr_A Same as controller A failure 9 NOTE: For a configuration with two application servers and without clustering, users should use file locking, port binding, LUN Masking or VLAN to avoid different hosts from accessing the same LD causing data contention. © 2008 Infortrend Technology Inc. All Rights Reserved. 5 iSCSI Configuration from the Bottom Up iSCSI IP SAN – 4 Redundant controller models , for one host, two hosts or clustering environment # Host # HBA # Channel # Cable # Controller # LD # Map Hub status 2 (1) 4 with 1 port 4 12 (10) 2 4-8 8-16 None Host 0 Host 1 HBA 0, 1 HBA 2, 3 (VLAN) 0 (VLAN) 1 Ctlr_A LD 0 LD 1 Maps: LD 0: CH0 – AID* CH0 – BID Maps: LD 1: CH1 – AID* CH1 – BID Ctlr_B LD 2 Maps: LD 2: CH2 – BID* CH2 – AID LD 3 Maps: LD 3: CH3 –BID* CH3 – AID Note: For making the most out of this configuration, users can create 4 or more LDs (LD4, LD5, LD6, and LD7) and assign passive paths as their active data paths such as the following: LD 4: CH2 – AID* CH2 – BID LD 5: CH3 – AID* CH3 – BID LD 6: CH0 – BID* CH0 – AID LD 7: CH1 – BID* CH1 – AID Users can also configure Host1 as a non-clustered server. Type Failed Available Path MPIO HBA failure HBA0 Host 0 -> LD 0: HBA 1 – VLAN1 – CH0 – BID – LD 0 (re-route) 9 Host 0 -> LD 1: HBA 1 – VLAN1 – CH1 – BID – LD 1 (re-route) Host 0 -> LD 2: HBA 1 – VLAN1 – CH2 – BID – LD 2 Host 0 -> LD 3: HBA 1 – VLAN1 – CH3 – BID – LD 3 Cable failure Same with host HBA0 failure 9 VLAN0 Host 0 -> LD0: HBA 1 – VLAN1 – CH0 – BID – LD 0 (re-route) 9 – CH0 – Host 0 -> LD1: HBA 0 – VLAN0 – CH1 – AID – LD 1 HBA0 – VLAN0 © 2008 Infortrend Technology Inc. All Rights Reserved. 6 iSCSI Configuration from the Bottom Up Ctlr_A Host 0 -> LD2: HBA 1 – VLAN1 – CH2 – BID – LD 2 Host 0 -> LD3: HBA 1 – VLAN1 – CH3 – BID – LD 3 Switch failure VLAN0 Same as host HBA0 failure 9 Controller failure Ctlr_A Host 0 -> LD0: HBA 1 – VLAN1 – CH0 – AID – LD 0 9 Host 0 -> LD1: HBA 1 – VLAN1 – CH1 – AID – LD 1 Host 0 -> LD2: HBA 1 – VLAN1 – CH2 – BID – LD 2 Host 0 -> LD3: HBA 1 – VLAN1 – CH3 – BID – LD 3 Controller absent Ctlr_A Same as controller A failure 9 Note: For a configuration consisting of two servers without clustering, users should use File locking, port binding, LUN Masking, or VLAN to avoid different host from accessing the same LD causing data contention. © 2008 Infortrend Technology Inc. All Rights Reserved. 7 iSCSI Configuration from the Bottom Up 2. Trunking (Link Aggregation) Trunking is implemented following IEEE standard 802.3. Concerns: 1. Use Limitations: a. Channel IDs: If multiple host ports are trunked, IDs will be available as if on one channel. b. IP Address Setting: Trunked ports will have one IP address. Trunked ports reside in the same subnet. c. LUN Mapping: LUN mapping to a trunked group of ports is performed as if mapping to a single host port. d. Switch Setting: The corresponding trunk setting on switch ports should also be configured, and it is recommended to configure switch setting before changing system setting. Sample pages of switch trunk port settings (3COM 2924-SFP Plus) are shown below: Configuration is done via Port -> Link Aggregation -> Aggregation group ID. Port selection is done via LACP -> Select port. © 2008 Infortrend Technology Inc. All Rights Reserved. 8 iSCSI Configuration from the Bottom Up Refer to the documentation that came with your Ethernet switches for instructions on trunk port configuration. Make sure you have appropriate configurations both on your iSCSI-host systems and Ethernet switches. Otherwise, networking failures will occur. © 2008 Infortrend Technology Inc. All Rights Reserved. 9 iSCSI Configuration from the Bottom Up Limitation [Conditions and/or limitation] 1. Aggregation interfaces must be connected in the same network, often the same Ethernet switch, limiting the physical isolation of the multiple paths. 2. Trunking implementation is dependent on having aggregation-capable devices and switches. 3. All ports can be trunked into a single IP, or several IPs. For example, there are 4 GbE ports in iSCSI storage system and user can configure those 4 ports into a single IP, or two IPs each by trunking two physical ports. Taking the redundant controller S16E-R as an example, trunked port combinations can be: Trunked ports Controller A host ports 4 3+1 2+2 Controller B host ports 4 3+1 2+2 4. If a trunk configuration is not valid, firmware will report a trunk failure event. For example, with 4 GbE ports into a trunk on an iSCSI storage system, while the corresponding ports on GbE switch are not trunked. If so, the trunking configuration is not completed and another event will prompt. Users should configure switch settings and reboot iSCSI storage system again. 5. Requirements on system reset after making changes to trunk configuration: a. Create new trunk groups or change member ports b. Change trunk group ID c. Change IP address: Reset (as usual, both iSCSI host ports and the 10/100BaseT mgmt. port) © 2008 Infortrend Technology Inc. All Rights Reserved. 10 iSCSI Configuration from the Bottom Up 6. Trunking and iSCSI MC/S (Multiple Connections per Session): 6-1. Configure port trunking before MC/S configuration. 6-2. If there are any configured MC/S groups when creating IP trunking, remove those MC/S groups. 7. Link Aggregation, according to IEEE 802.3, does not support the following: ƒ Multipoint Aggregations The mechanisms specified in this clause do not support aggregations among more than two systems. ƒ Dissimilar MACs Link Aggregation is supported only on links using the IEEE 802.3 MAC (Gigabit Ethernet and FDDI are not supported in parallel but dissimilar PHYs such as copper and fiber are supported) ƒ Half duplex operation Link Aggregation is supported only on point-to-point links with MACs operating in full duplex mode. ƒ Operation across multiple data rates All links in a Link Aggregation Group operate at the same data rate (e.g. 10 Mb/s, 100 Mb/s, or 1000 Mb/s). 8. Users cannot remove a master trunk port from a trunk configuration, for example, CH0 of a trunk group consisting of channels 0, 1, 2, and 3. The first port (having a smallest index number) within a trunk group is considered a master port member. To break master port from the trunk group, you can delete the whole trunk group. © 2008 Infortrend Technology Inc. All Rights Reserved. 11 iSCSI Configuration from the Bottom Up Configuration Procedure: Step 1. Trunk setting is found under View and Edit Configuration Parameters -> Communication Parameters -> View and Edit Trunk Group Setting. Press Enter to enter its sub-menu. Step 2. When prompted by Create Trunk Group?, press Enter on Yes to proceed. If there is no available host ports for trunk setting, or MC/S groups have been created, you will receive an error message saying “No available channel!”. Step 3. Press Enter once to select each channel. Move to next channel using the arrow keys. Press ESC when you finish your selection. There are channels that CANNOT be selected: 1. Channels that have LUN mapping on them. 2. Channels that are already trunked. 3. Channels that are already included in MC/S groups. Step 4. Select Yes and press Enter on the confirm box. © 2008 Infortrend Technology Inc. All Rights Reserved. 12 iSCSI Configuration from the Bottom Up Step 5. Trunked ports configuration may look like this. You can select up to 4 host ports into a trunk. Step 6. You can remove a member from a trunk group, or delete an existing group using the following commands. Note that you cannot remove a member if you have LUN mapping on the trunked ports. Step 7. Reset your iSCSI system for trunk setting to take effect. If your switch ports have not been configured, you will receive an error message saying trunk port configuration failure. If you configure ports 0 and 1 into trunk 1, and ports 2 and 3 into trunk 2, in View and Edit Channels menu, you can see that the corresponding channels are automatically configured into MC/S groups. © 2008 Infortrend Technology Inc. All Rights Reserved. 13 iSCSI Configuration from the Bottom Up 3. Network Interface Settings IP Addresses to the iSCSI Host Ports Contact your network administrator to obtain a list of valid IP addresses. Provide the adequate NetMask and Gateway values accordingly so that the host ports can connect to the initiators on your application servers. To access the Internet Protocol submenu, press [ENTER] to confirm a selection and use the arrow keys to navigate. Step 1. The iSCSI host port IPs can be found under “View and Edit Configuration Parameters” -> “Communication Parameters” -> “Internet Protocol (TCP/IP)”. On a redundant-controller system, both controllers have 4 host channels labeled as CH0, CH1, CH2, and CH3. Step 2. Press [ENTER] on a host port you wish to configure. The identity of a host port is presented as: “Channel number [LAN] MAC address – IP address (IP acquisition method)” The Slot A and Slot B addresses refer to the host ports on different RAID controllers. NOTE1: “lan0” is a 10/100BaseT management port for telnet or SANWatch access. NOTE2: The corresponding controller A ports and controller B ports © 2008 Infortrend Technology Inc. All Rights Reserved. 14 iSCSI Configuration from the Bottom Up should be in the same subnet. In the event of controller failure, host should be able to access the alternate data paths on a surviving controller. Step 3. Press [ENTER] to select “Set IP Address”. Step 4. Reset the controller later when you finish all network settings. Internet Protocol Version 6 (IPv6) Address Since IPv6 comes with a more autonomous support for automatic addressing, automatic network configuration is applied in most deployments. An automatic local name resolution is available with or without a local Domain Name Server (DNS). Key in “AUTO” in the IPv6 address field, and the address will be available after a system reset. IPv6 addresses can be acquired through the following ways: • A link-local address is automatically configured by entering AUTO in the IPv6 address field. With a point-to-point connection without router, addresses will be generated using port MAC addresses starting with “fe80::.” Link-locals are addresses within the same subnet. • If addresses are automatically acquired, the “Subnet prefix length” and the “Route” fields can be left blank. © 2008 Infortrend Technology Inc. All Rights Reserved. 15 iSCSI Configuration from the Bottom Up • A DHCPv6 server, if present in the network, will be automatically queried for an IPv6 address. • If an IPv6 router is present, you can Key in AUTO in the Route field and let a router’s advertisement mechanism determine network addresses. • You can also manually enter IPv6 addresses by generating the last 64 hexadecimal bits from the 48-bit MAC addresses of Ethernet ports in EUI-64 format, and then use the combination of fe08 prefix and prefix length to signify a subnet. A sample process is shown below: 1. Insert FFFE between company ID and node ID, as the fourth and fifth octets (16 bits). 2. Set the Universal/Local (U/L) bit, the 7th of the first octet, to a value of 0 or 1. “0” indicates a locally administered identity, while “1” indicates a globally unique IPv6 interface ID. Infortrend supports a variety of IPv6 mechanisms including Neighbor Unreachability Detection, stateful and stateless address autoconfiguraion, ICMPv6, Aggregatable Global Unicast Address, Neighbor Discovery, etc. The Prefix Length field The prefix length is part of the manual setting. An IPv6 network is a contiguous group of IPv6 addresses. The size of this field must be a power of 2. The Prefix Length designates the number of bits for the first 64 bits of the Ipv6 addresses, which are identical for all hosts in a given network, are called the network's address prefix. © 2008 Infortrend Technology Inc. All Rights Reserved. 16 iSCSI Configuration from the Bottom Up Such consecutive bits in IPv6 addresses are written using the same notation previously developed for IPv4 Classless Inter-Domain Routing (CIDR). CIDR notation designates a leading set of bits by appending the size (in decimal) of that bit block (prefix) to the address, separated by a forward slash character (/), e.g., 2001:0db8:1034::5678:90AB:CDEF:5432/48. (In firmware screen, slash is not necessary. The prefix number is entered in the length field.) The architecture of IPv6 address is shown below: The first 48 bits contain the site prefix, while the next 16 bits provide subnet information. An IPv6 address prefix is a combination of an IPv6 prefix (address) and a prefix length. The prefix takes the form of “ipv6-prefix/prefix-length” and represents a block of address space (or a network). The ipv6-prefix variable follows general IPv6 addressing rules (see RFC 2373 for details). For example, an IPv6 network can be denoted by the first address in the network and the number of bits of the prefix, such as 2001:0db8:1234::/48. With the /48 prefix, the network starts at address 2001:0db8:1234:0000:0000:0000:0000:0000 and ends at 2001:0db8:1234:ffff:ffff:ffff:ffff:ffff. Individual addresses are often also written in CIDR notation to indicate the routing behavior of the network they belong to. For example, the address 2001:db8:a::123/128 indicates a single interface route for this address, whereas 2001:db8:a::123/32 may indicate a different routing environment. IPv6 Prefix Description 2001:410:0:1::45FF/128 A subnet with only one Ipv6 address 2001:410:0:1::/64 64 A subnet that contains 2 nodes. Often the default prefix length for a subnet. 2001:410:0::/48 16 A subnet that contains 2 nodes. Often the default prefix length for a site. © 2008 Infortrend Technology Inc. All Rights Reserved. 17 iSCSI Configuration from the Bottom Up 4. Grouping (MC/S, Multiple Connections per Session) NOTE: If iSCSI ports are configured into trunked groups, they are automatically configured into MC/S groups, meaning that you can skip this section. Grouping is different from Trunking. Trunking binds multiple physical interfaces so they are treated as one, and is accomplished in the TCP/IP stack. MC/S on the other hand allows the initiator portals and target portals to communicate in a coordinated manner. MC/S provides sophisticated error handling such that a failed link is recovered quickly by other good connections in the same session. MC/S is part of the iSCSI protocol that is implemented underneath SCSI and on top of TCP/IP. Grouping (MC/S) combines multiple host ports into a logical initiator-target session. MC/S can improve the throughput and transfer efficiency over a TCP session. Besides, this feature saves you the effort of mapping a logical drive to multiple host channel IDs on multiple host ports. © 2008 Infortrend Technology Inc. All Rights Reserved. 18 iSCSI Configuration from the Bottom Up NOTE: If you prefer grouping using iSCSI TOE HBA cards, your HBAs must also support MC/S. Configuration: The Grouping function is found under “View and Edit Channels.” Press Enter on a Host Channel entry to display the channel-related functions. Change the Group number on multiple channels to put them into the same logical group. NOTE: Changing group configurations requires resetting your system. With logical grouping, a logical drive mapped to a channel group will appear as one device on multiple data paths. This is very similar to the use of multi-pathing drivers. Grouping allows a consistent look of a storage volume to be seen over multiple connections, in a way very similar to the use of multi-pathing software. Without grouping, a storage volume will appear as two devices on two data paths. NOTE: For a redundant-controller system, you still need EonPath multi-pathing driver to manage the data paths from different RAID controllers. Appropriate configuration on software initiator is also necessary with grouping. The configuration process will be discussed later. © 2008 Infortrend Technology Inc. All Rights Reserved. 19 iSCSI Configuration from the Bottom Up W/o grouping W/ grouping Host ports on different RAID controllers (a redundant-controller system) ARE NOT grouped together. Namely, in the event of a single controller failure, the IPs do not failover to the surviving controller. A parallel configuration logic is applied in Infortrend’s firmware utility. On the firmware screen of a redundant-controller system, you see the channel settings for a single controller, yet they are automatically applied to the partner controller. If you configure “channel groups,” you actually create juxtaposed groups on partner controllers. (see drawing on the left) One volume mapped to both an AID and a BID will appear as two devices on the A links and on the B links. You will then need the EonPath multi-pathing driver to manage the fault-tolerant paths. Here is a sample of 1 logical drive appearing as 2 devices across 8 data links (on 2 channel groups). With the help of EonPath, mapping to both controllers’ IDs can ensure continuous access to data in the event of cabling or controller failure. © 2008 Infortrend Technology Inc. All Rights Reserved. 20 iSCSI Configuration from the Bottom Up NOTE: Once channels are grouped, the channel group will behave as one logical channel, and the attributes of individual host channels will disappear. For example, if 4 channels are grouped together, only the IDs on the first channel remain. Before Grouping After Grouping Channel 0 ID 0 Channel 0 ID 0 Channel 1 ID 0 Channel 1 - Channel 2 ID 0 Channel 2 - Channel 3 ID 0 Channel 3 - NOTE: Although the individual channel information is not available, you still need to take care of the TCP/IP connections. For example, you will need to consult your network administrator and configure a static port IP for your iSCSI host ports. The individual host port information is found under “View and Edit Configuration Parameters” -> “Communication Parameters” -> “Internet Protocol (TCP/IP)” -> “chx[LAN] MACAddr xxxxx.” © 2008 Infortrend Technology Inc. All Rights Reserved. 21 iSCSI Configuration from the Bottom Up 5. Create Host Channel IDs A redundant-controller system comes defaulted with 2 channel IDs, AID0 and BID1, which are not sufficient for redundant controller settings. Create more IDs under the View and Edit Channel menu. Adding IDs requires rebooting your storage system. 6. Host LUN Mapping Once your network and RAID volume settings are done, install and enable initiators on your application servers. You can now turn on the network devices, storage system, and servers, and map your storage volumes to host LUNs so that network connectivity can be verified. © 2008 Infortrend Technology Inc. All Rights Reserved. 22 iSCSI Configuration from the Bottom Up The above drawing shows a basic fault-tolerant configuration where service can continue with any single point of cabling or RAID controller failure. For simplicity reasons, only 1 server and 4 host links from it are shown. More logical drives, HBAs, or servers can attach to the configuration. Create Initiator List When your application servers are powered on, you should be able to see © 2008 Infortrend Technology Inc. All Rights Reserved. 23 iSCSI Configuration from the Bottom Up initiators from the firmware screen. Use the initiator list to organize your iSCSI connections. In the initiator’s attribute window, you can configure the following: 1. Enter a nickname for an initiator. 2. 2-1. Manually key in an initiator’s IQN. Or, 2-2. Select an initiator from a list of IQNs that have already been detected. 3. Configure either the one-way or mutual CHAP authentication (see 7. CHAP Login Authentication). 4. Apply IP Address and NetMask settings (if necessary). Multiple initiator ports on an application server can sometimes share the same IQN. Having a list of initiators in firmware can facilitate the process for configuring host LUN mapping and LUN Masking control. Continue with CHAP settings in the following section. © 2008 Infortrend Technology Inc. All Rights Reserved. 24 iSCSI Configuration from the Bottom Up 7. CHAP Login Authentication CHAP is one of the ways to authenticate access from networked servers to the iSCSI storage. CHAP stands for Challenge Handshake Authentication protocol. With this protocol, the host-side initiators and storage systems use the encrypted password to authenticate each other remotely. Step 1. To enable the CHAP authentication, select “View and Edit Configuration Parameters” in the Main Menu, “Host-side Parameters,” and then press [ENTER] on “Login Authentication with CHAP” to activate the selection prompt. Step 2. Both one-way and two-way (mutual) CHAP authentications are supported. With two-way CHAP, a separate three-way handshake is initiated between an iSCSI initiator and the storage system’s host ports. © 2008 Infortrend Technology Inc. All Rights Reserved. 25 iSCSI Configuration from the Bottom Up The CHAP-related options are found with the iSCSI Initiator List in your firmware screen under the “View and Edit Host LUNs” sub-menu. CHAP should be set by every initiator. Select and edit an initiator’s attributes as shown in the following screen. The User Name, User Password, Target Name, and Target Password are used for CHAP authentication. User Password (One-way) has to be at least 12 bytes, and the Target Password (Two-way, outbound) has to be at least 14 bytes. Step 3. Enter an identical passwords (secret) in the firmware configuration screen above and in the initiators’ screens below. Step 4. Return to the Microsoft software initiator screen, under the General tab, enter the password for Two-way CHAP by clicking the Secret button (One you entered in firmware for the Target Password). © 2008 Infortrend Technology Inc. All Rights Reserved. 26 iSCSI Configuration from the Bottom Up Step 5. Under the Discovery tab, click the Add button and enter the IP addresses of the iSCSI ports of your storage system. You have to repeat the Add process until all ports are added, and therefore the CHAP User Name and Secret have to be entered multiple times. © 2008 Infortrend Technology Inc. All Rights Reserved. 27 iSCSI Configuration from the Bottom Up Step 6. Under the Targets tab, click Log on to activate the connection with a storage iSCSI port. Click the Advanced button after selecting the “Automatically Restore this connection…“ check box. Step 7. Enter User name and Target secret for the One-way CHAP. Click the Perform Mutual Authentication check circle if your prefer using mutual authentication. © 2008 Infortrend Technology Inc. All Rights Reserved. 28 iSCSI Configuration from the Bottom Up NOTE: Make sure the IQNs are correct by checking the initiator and the firmware screens. If you see active status from the initiator’s Discovery screen, then the connection is successful. You can use the “Add from current discovery list” function to check if the initiator’s node name is changed. If the IQN is changed, the change will affect your initiator list. Microsoft iSCSI initiator uses IQN as the default User name for CHAP setting. A different User Name can be specified instead of the default. © 2008 Infortrend Technology Inc. All Rights Reserved. 29 iSCSI Configuration from the Bottom Up 8. Initiator Configuration (Using Microsoft Software Initiator) IMPORTANT! If you intend to use Microsoft initiator and Infortrend’s EonPath multipathing driver, disable the MPIO option as shown below while installing your initiator software. They might cause a compatibility issue. In a redundant-controller iSCSI storage configuration, special attention should be paid to the configuration with host-side initiators. The following procedure will be exemplified using Microsoft iSCSI initiators. First, you should jot down a list of host port IPs from the “View and Edit Channels” menu. In this sample procedure, there are 8 host port IPs. You may then develop a connection view diagram as follows: © 2008 Infortrend Technology Inc. All Rights Reserved. 30 iSCSI Configuration from the Bottom Up IQN Name: There are several places you can see the IQN (iSCSI Qualified Name) of a logical drive appearing through the network. IQN names are necessary when configuring iSCSI session or if you are using iSCSI TOE HBAs. 1. You can scan the storage devices and see its IQN name through the initiator HBA utility or initiator software running on the host side, e.g., Microsoft iSCSI initiator. 2. You can use the LCD keypad to find the serial number of a system. Find it in “Main Menu” –> “System Information” -> “Serial Number” Infortrend’s storage IQN is composed of the system serial number and another 3 digits. The IQN always looks like the following: Iqn.2002-10.com.infortrend:raid.snXXXXXX.XXX The 6 digits following the “sn” is the system’s serial number. The last 3 digits show variables in the following order: “channel number” - “host ID” - “LD ownership” The LD ownership digit shows either “1” or “2:” where “1” indicates Controller A and “2” indicates the LD ownership by the Controller B. Controller A is by default the dominating Primary controller. The IQN is in accordance with how you map your logical drive to the host ID/LUN. For example, if you map a logical drive to host channel 0 and AID1, the last 3 digits will be 011. © 2008 Infortrend Technology Inc. All Rights Reserved. 31 iSCSI Configuration from the Bottom Up NOTE: The EonStor iSCSI systems running firmware versions before rev. 3.64 will only show 2 digits; channel and ID numbers. Sample Procedure Step 1. To configure multiple portal access with the Grouping methodology, first open the initiator interface and manually add a target port address, e.g., 192.168.140.90. Click the Add button to add a target port IP. (You might have done this during the CHAP authentication setup) Step 2. Under the Targets tab, select an IQN number from the list. From here you can identify the iSCSI targets by the last 3 digits of the IQN names. You can identify a storage volume appearing through different data links. © 2008 Infortrend Technology Inc. All Rights Reserved. 32 iSCSI Configuration from the Bottom Up Step 3. Click Log On… The Log On to Target window will prompt. Click the Advanced button on it. Step 4. Select appropriate options for 1). Local adapter, 2). Source IP, and 3). Target Portal from their respective pull-down lists. Click OK to close the window. When selecting a Target Portal from the pull-down list, make sure you correctly associate a Target with the target portal. For example, a Target (Logical Drive) managed by Controller A should be associated with a target portal that is a controller A port. Iqn.2002-10.com.infortrend:raid.snXXXXXX.XX1 -> A port target portal Iqn.2002-10.com.infortrend:raid.snXXXXXX.XX2 -> B port target portal © 2008 Infortrend Technology Inc. All Rights Reserved. 33 iSCSI Configuration from the Bottom Up Step 5. Return to the Targets window. Click on the Details button to add more target ports for this iSCSI taget. The Target Properties window will prompt. Click the Connections button. Step 6. On the Session Connections window, select the Least Queue Depth load-balancing policy from the pull-down list, and then use the Add button below to include other target portals (A port portals) into the iSCSI session. © 2008 Infortrend Technology Inc. All Rights Reserved. 34 iSCSI Configuration from the Bottom Up Step 7. Click the Advanced button on the Add Connection box. Step 8. The Session Connections window will prompt again. Select load-balancing policy and add target port using the Add button. Click OK on the following screens to complete the configuration process. Step 10. Now you have finished configuring a logical drive target with target © 2008 Infortrend Technology Inc. All Rights Reserved. 35 iSCSI Configuration from the Bottom Up portals from controller A. You may then repeat the process above to associate another logical drive target with target portals from controller B. For example, you can start from adding 192.168.140.94 (a controller B port) in the Discovery window. Other portals from controller B, 192.168.140.95, …96, …97, will automatically appear in the pull-down list. Step 11. When you finish the configuration process, the logical drives will appear as multiple disk devices in the Windows Disk Drive management window. Install the EonPath multi-pathing software so that host can recognize them as devices accessed through fault-tolerant links. NOTE: Your iSCSI configuration may involve multiple servers and many logical drives. The maximum number of TCP sessions is 64 if you have a 1GB data cache in RAID controllers; and 32 sessions if using 512MB cache. © 2008 Infortrend Technology Inc. All Rights Reserved. 36 iSCSI Configuration from the Bottom Up 9. EonPath Driver Installation Install Driver on the Application Server (Taking Windows as an Example) Step 1. Select and execute the appropriate EonPath driver for your OS by a double-click. EonPath is included in your product CD, and the driver revisions can be acquired via technical support. Step 2. The progress indicator and a DOS prompt will appear. Step 3. Press Y to confirm the legal notice. Step 4. Press Enter when the installation process is completed. Step 5. Reboot your server for the configuration to take effect © 2008 Infortrend Technology Inc. All Rights Reserved. 37 iSCSI Configuration from the Bottom Up Step 6. You can check the availability of EonPath service using the Computer Management utility by a right-click on the My Computer icon. Select Manage, and select Services from the item tree. Step 7. Since the multi-pathing driver is already working, you can see multi-path device in Device Manager -> Disk Drives. Step 8. Upon seeing the Multi-Path Disk Device, you can start using the storage volumes from the redundant-controller iSCSI system. © 2008 Infortrend Technology Inc. All Rights Reserved. 38 iSCSI Configuration from the Bottom Up NOTE: The installation might fail if you run an earlier firmware where the EonPath license is not activated. Almost all ASIC400 EonStor models come with an embedded EonPath license. You can check the availability of license through the license key menu on the SANWatch software’s menu bar. If your license key for EonPath is not enabled, contact technical support. 10. iSNS Configuration (optional) iSNS Overview iSNS stands for Internet Storage Name Service. iSNS is a common discovery, naming, and resource management service for all of the IP storage protocols. Infortrend’s iSNS implementation complies with RFC 4171 standards. iSNS discovers iSCSI initiators and targets within a domain and their related information. Windows iSNS server is available in Windows 2000 service pack 4 and Windows Server 2003. ƒ The iSNS functions can be embedded in an IP Storage switch, gateway, or router, or centralized in an iSNS server. ƒ Initiators then can query the iSNS to identify potential targets. © 2008 Infortrend Technology Inc. All Rights Reserved. 39 iSCSI Configuration from the Bottom Up ƒ An example of iSNS implementations is Microsoft’s iSNS Server 3.0, which is available at Microsoft’s download site. http://www.microsoft.com/downloads/details.aspx?familyid=0dbc4af5-941 0-4080-a545-f90b45650e20&displaylang=en The iSNS server enables the interchange of data in a domain consisting of initiators and targets according to user’s preferences. iSNS Configuration Sample Host A Host B iSNS server 192.168.140.50 iSCSI initiator 192.168.140.10 Ethernet switch Target Port IP: 192.168.140.90 192.168.140.91 192.168.140.92 S16E-R1130 192.168.140.93 Configuration Flowchart Step 1. Step 2. Step3. iSCSI configuration on RAID A) Add iSNS server address to RAID firmware iSNS server configuration on iSCSI initiator Discover initiators and targets on iSNS server B) Add initiator addresses to RAID firmware © 2008 Infortrend Technology Inc. All Rights Reserved. 40 iSCSI Configuration from the Bottom Up The iSNS service option is found in “View and Edit Configuration Parameters” -> ”Communication Parameters.” Press Enter on an existing or an empty entry to key in the IP address where iSNS service resides. Step 1. Locate the ISNS Server List option in the Communication Parameters window. Press Enter on the IP list screen. Step 2. Select Add new ISNS server IP Address. Step 3. Select Yes and then enter the iSNS server address. Step 4. Configuring iSNS server address requires resetting the system. You can reset later when you finish configuring other iSCSI parameters. Please refer to other sections in this chapter for how to configure initiator and CHAP related settings: © 2008 Infortrend Technology Inc. All Rights Reserved. 41 iSCSI Configuration from the Bottom Up The sample process is based on Microsoft’s iSCSI initiator software. Step 1. Open the iSCSI initiator software, locate the iSNS server field by clicking the Discovery tab. Step 2. Click the Add button to key in an address. After an iSNS server address is added, you can check on host B (where the iSNS server is installed). And if you have previously configured logical drives and mapped them to host IDs, the target LDs should have been scanned in and appear on the iSNS server configuration screen. Note that an iSNS server may take several minutes to discover devices on the network on the initial setup. Step 3. If targets and initiators do not show up, please try the Refresh bottom. © 2008 Infortrend Technology Inc. All Rights Reserved. 42 iSCSI Configuration from the Bottom Up NOTE: An iSNS server is installed and operated using the administrator privilege. An incorrectly installed iSNS can still run, yet the discovery function will not avail. 11. SLP Configuration (optional) SLP is short for Service Location Protocol, and is supported since firmware revision 3.63. SLP is apt for the following: • If initiators do not have any information about the target. • Initiators can either multicast discovery messages directly to the targets or can send discovery messages to storage name servers. ƒ SLP Glossary • Service Agent (SA) - Advertises services - Services have attributes • User Agent (UA) - Finds services - Zero configuration © 2008 Infortrend Technology Inc. All Rights Reserved. 43 iSCSI Configuration from the Bottom Up • Directory Agent (DA) – Optional – Propagate service adverts • SLP Protocol – UDP (default) or TCP – Minimize multicast How does it work? 1. At startup, UAs and SAs first determine whether there are any DAs on the network. 2. A DA is present, it collects all service information advertised by SAs, and UAs unicast their requests to the DA. (In the absence of a DA, UAs repeatedly multicast the same request they would have unicast to a DA. SAs listen for these multicast requests and unicast responses to the UA if it has advertised the requested service.) © 2008 Infortrend Technology Inc. All Rights Reserved. 44 iSCSI Configuration from the Bottom Up 3. The SA registers the service’s location with the DA, and the UA obtains this location from the DA in a Service Reply message. 4. Service registrations have lifetimes no greater than 18 hours, so the SA must reregister the service periodically, or the lifetime expires. Step 1. Install iSCSI HBAs that support SLP, e.g., an Adaptec TOE. Step 2. Configure related iSCSI on storage system accordingly. 2-1. Map logical drives to host 2-2. Apply LUN Masking if security is a concern. 2-3. Add your initiators to your firmware initiator list. © 2008 Infortrend Technology Inc. All Rights Reserved. 45 iSCSI Configuration from the Bottom Up Step 3. Configure the iSCSI HBA on host. 3-1. After a successful installation, the HBA configuration software should be available on the OS. 3-2. Enable the SLP service. 3-3. Under the Target tab, iSCSI targets should have been scanned in after a while, or you may use Rescan Targets button. © 2008 Infortrend Technology Inc. All Rights Reserved. 46 iSCSI Configuration from the Bottom Up 3-4. Activate the access to targets by logging in, and apply CHAP authentication if preferred. 3-5. Check the iSCSI session status and complete the disk drive initialization process. © 2008 Infortrend Technology Inc. All Rights Reserved. 47 iSCSI Configuration from the Bottom Up 12. Jumbo Frame Jumbo Frames expand Ethernet’s packets so that fewer number of packets is processed by host. Most of today’s Gigabit Ethernet adapters support jumbo frames that allows host to use large MTU (Maximum Transfer Unit) size. The default size is 9014 bytes. CAUTION! The Jumbo Frame feature requires that all of the end devices in an iSCSI network support and have their Jumbo Frame function activated. Also pay attention to the maximum frame sizes set with Jumbo Frames on these devices. © 2008 Infortrend Technology Inc. All Rights Reserved. 48